Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(token-service): generated password should contain required characters #813

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

mmalenic
Copy link
Member

@mmalenic mmalenic commented Jan 16, 2025

Closes #811

Changes

Copy link

gitguardian bot commented Jan 16, 2025

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
While these secrets were previously flagged, we no longer have a reference to the
specific commits where they were detected. Once a secret has been leaked into a git
repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@mmalenic mmalenic force-pushed the fix/token-service-password branch from bdb3209 to ebdf111 Compare January 16, 2025 04:11
@mmalenic mmalenic force-pushed the fix/token-service-password branch from ebdf111 to 14e7542 Compare January 16, 2025 04:33
@mmalenic mmalenic self-assigned this Jan 16, 2025
@mmalenic mmalenic requested a review from reisingerf January 16, 2025 04:34
Copy link
Member

@reisingerf reisingerf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sweet! LGTM

@mmalenic
Copy link
Member Author

I needed to add the ability to reset the secret if it gets stuck in the AWSPENDING state. It's not possible to create a new pending secret if there is already an existing pending secret, because the existing secret is always retrieved:

try:
_get_secret_dict(service_client, arn, "AWSPENDING", token)
logger.info("createSecret: Successfully retrieved secret for %s." % arn)

Now there is another step called "resetPendingSecret" which can be called manually.

@mmalenic mmalenic requested a review from reisingerf January 17, 2025 00:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

bug: token service secret rotation sometimes fails
2 participants